Cheat Engine Forum Index Cheat Engine
The Official Site of Cheat Engine
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 


Please help with candy crush cheat
Goto page 1, 2, 3  Next
 
Post new topic   Reply to topic    Cheat Engine Forum Index -> Cheat Engine
View previous topic :: View next topic  
Author Message
peace
How do I cheat?
Reputation: 0

Joined: 13 Apr 2013
Posts: 3
Location: United Kingdom

PostPosted: Sat Apr 13, 2013 3:55 pm    Post subject: Please help with candy crush cheat Reply with quote

I downloaded cheat engine, watched the tutorial and then tried it. I could not find which process to use so I went through all of them. On some of them after several scans I was still getting 2 adresses coming up and I kept doing more scans but still it came up with 2.
So I decided to try and change one of them and the first one didnt work so I changed the other one and it changed the number of moves i had left.
I was really pleased until my game ended as normal and did not let me use my extra moves. WHy is this?
What have i done wrong?
Back to top
View user's profile Send private message
DaSpamer
Grandmaster Cheater Supreme
Reputation: 52

Joined: 13 Sep 2011
Posts: 1578

PostPosted: Sat Apr 13, 2013 4:19 pm    Post subject: Reply with quote

You need to change 2 of them.
1 of them is the moves that game is relay on and ends game if its reachs 0.
the other one is the visual display which you changed.

_________________
HEY Hitler
Do you get lazy when making trainers?
Well no more!
My CETrainer will generate it for you in seconds, so you won't get lazy! Very Happy

http://forum.cheatengine.org/viewtopic.php?t=564919
Back to top
View user's profile Send private message
Rectangle
Advanced Cheater
Reputation: 1

Joined: 23 Feb 2013
Posts: 73

PostPosted: Sat Apr 13, 2013 5:03 pm    Post subject: Reply with quote

peace wrote:
I could not find which process to use so I went through all of them.

IF you are using firefox...

You need to open whichever process has the highest peak working set.
Download this tool: www[dot]4shared[dot]com/file/gKTZuTNH/pws[dot]html
Place it somewhere easy to remember (I placed mine in my root C:\ drive).
Open up cheat engine and press CTRL + ALT + L to open the Lua window.
Copy/paste the following code:

Code:
handle = io.popen("C:\\pws.exe FlashPlayerPlugin")
pid = tonumber(handle:read("*a"))
handle:close()
if(pid == nil) then
  print("[ERROR] - Failed to retrieve process ID!")
  exit()
end
openProcess(pid)

Save your script.
Now whenever you want to attach to a flash game, simply load and execute the script.

This will automatically search through any process which has "FlashPlayerPlugin" in it's name, return the PID of whichever one has the highest peak working set, and attach to that process.
I made this tool and script explicitly for Candy Crush Saga using Firefox, and can confirm that it works not only for Candy Crush but for most flash games in Firefox.

IF you are using chrome...

Unfortunately, I haven't taken the time to automate this one yet.
You'll need to load up your flash game and press SHIFT + ESC to bring up chrome's task manager.
Then look for an entry called "Plugin: Shockwave Flash" and check it's PID.
Then either use it temporarily in a Lua script (via openProcess), or convert it to hex to see which entry to choose in CE's process list dialog.

peace wrote:
On some of them after several scans I was still getting 2 adresses coming up and I kept doing more scans but still it came up with 2.
So I decided to try and change one of them and the first one didnt work so I changed the other one and it changed the number of moves i had left.
I was really pleased until my game ended as normal and did not let me use my extra moves

Just as Flash hacker said, the one which seemingly works is just a graphical counter for the GUI. The one which doesn't seem to work is in fact the game's internal counter for the actual number of moves remaining.
I have made an auto-assemble script for the GUI part, but I haven't been successful in making one for the actual # of moves yet. If you get to the part in the game where you encounter timed bombs, I do have a working AA script for that if you'd like it.
Also, in my research I've found the following tile values to be used by the game:
  • 0 = ??? (inbetween/changing/chocolate)
  • 1 = blue
  • 2 = green
  • 3 = orange
  • 4 = purple
  • 5 = red
  • 6 = yellow

Good luck! Let me know if you have any more trouble.
Back to top
View user's profile Send private message
peace
How do I cheat?
Reputation: 0

Joined: 13 Apr 2013
Posts: 3
Location: United Kingdom

PostPosted: Sun Apr 14, 2013 3:49 am    Post subject: Reply with quote

Thankyou. I will try changing both of them. Btw do I have to go through the whole process everytime I try this cheat stuff?
Back to top
View user's profile Send private message
DaSpamer
Grandmaster Cheater Supreme
Reputation: 52

Joined: 13 Sep 2011
Posts: 1578

PostPosted: Sun Apr 14, 2013 7:52 am    Post subject: Reply with quote

Rectangle wrote:
peace wrote:
I could not find which process to use so I went through all of them.

IF you are using firefox...

You need to open whichever process has the highest peak working set.
Download this tool: www[dot]4shared[dot]com/file/gKTZuTNH/pws[dot]html
Place it somewhere easy to remember (I placed mine in my root C:\ drive).
Open up cheat engine and press CTRL + ALT + L to open the Lua window.
Copy/paste the following code:

Code:
handle = io.popen("C:\\pws.exe FlashPlayerPlugin")
pid = tonumber(handle:read("*a"))
handle:close()
if(pid == nil) then
  print("[ERROR] - Failed to retrieve process ID!")
  exit()
end
openProcess(pid)

Save your script.
Now whenever you want to attach to a flash game, simply load and execute the script.

This will automatically search through any process which has "FlashPlayerPlugin" in it's name, return the PID of whichever one has the highest peak working set, and attach to that process.
I made this tool and script explicitly for Candy Crush Saga using Firefox, and can confirm that it works not only for Candy Crush but for most flash games in Firefox.

It sounds very useful that pws.exe

Couldn't test it, It don't return me the PID.
If I try to enable it manually, it says that MSVCR110.dll is missing, but I do have it .-.

So strange!

_________________
HEY Hitler
Do you get lazy when making trainers?
Well no more!
My CETrainer will generate it for you in seconds, so you won't get lazy! Very Happy

http://forum.cheatengine.org/viewtopic.php?t=564919
Back to top
View user's profile Send private message
Rectangle
Advanced Cheater
Reputation: 1

Joined: 23 Feb 2013
Posts: 73

PostPosted: Sun Apr 14, 2013 2:54 pm    Post subject: Reply with quote

peace wrote:
Thankyou. I will try changing both of them. Btw do I have to go through the whole process everytime I try this cheat stuff?

Nope. Once you save the script and save the cheat table, you just need to load the table or script, press CTRL + ALT + L and hit the execute button again.
I wanted to create a trainer to make it even easier, but like I said I was having trouble with some of the AA scripts so a trainer would be useless at this point (since I only have a bomb cheat and GUI cheat working automatically).

Flash hacker wrote:
Couldn't test it, It don't return me the PID.
If I try to enable it manually, it says that MSVCR110.dll is missing, but I do have it .-.

Try reinstalling the VC redistributable (x86 and x64) at:
www[dot]microsoft[dot]com/en-us/download/details[dot]aspx?id=30679

You can also pass the /L switch to find the lowest instead of the highest working set.
Back to top
View user's profile Send private message
DaSpamer
Grandmaster Cheater Supreme
Reputation: 52

Joined: 13 Sep 2011
Posts: 1578

PostPosted: Sun Apr 14, 2013 3:10 pm    Post subject: Reply with quote

Rectangle wrote:
peace wrote:
Thankyou. I will try changing both of them. Btw do I have to go through the whole process everytime I try this cheat stuff?

Nope. Once you save the script and save the cheat table, you just need to load the table or script, press CTRL + ALT + L and hit the execute button again.
I wanted to create a trainer to make it even easier, but like I said I was having trouble with some of the AA scripts so a trainer would be useless at this point (since I only have a bomb cheat and GUI cheat working automatically).

Flash hacker wrote:
Couldn't test it, It don't return me the PID.
If I try to enable it manually, it says that MSVCR110.dll is missing, but I do have it .-.

Try reinstalling the VC redistributable (x86 and x64) at:
www[dot]microsoft[dot]com/en-us/download/details[dot]aspx?id=30679

You can also pass the /L switch to find the lowest instead of the highest working set.

Thanks its working Smile.
Wondering if it possible to implement it into a trainer, and the VC redistributable so it will work even if user won't have it.

Anyway,
About the auto assembler scripts, tell me I'll help you.
Also tell me in which stages theres timers.

_________________
HEY Hitler
Do you get lazy when making trainers?
Well no more!
My CETrainer will generate it for you in seconds, so you won't get lazy! Very Happy

http://forum.cheatengine.org/viewtopic.php?t=564919
Back to top
View user's profile Send private message
Rectangle
Advanced Cheater
Reputation: 1

Joined: 23 Feb 2013
Posts: 73

PostPosted: Sun Apr 14, 2013 3:29 pm    Post subject: Reply with quote

Flash hacker wrote:
Anyway,
About the auto assembler scripts, tell me I'll help you.
Also tell me in which stages theres timers.

I was trying to get an AA script working for the # of moves left.
The think the problem is that the AOBScan doesn't always work (may be finding duplicate addresses).
Meanwhile, here's what I DO have working, so far...

Moves (GUI only! Works in every level):
Code:
[ENABLE]
alloc(newmem,2048)

label(memjump)
label(returnhere)

registersymbol(memjump)
aobscan(aobaddy,8B 48 78 8D 49 FF 89 48 78 8B 50 08 8B 8A 10 03 00 00)

newmem:
mov ecx,[eax+78]
lea ecx,[ecx-01]
mov [eax+78],ecx
mov edx,[eax+08]
mov ecx,[edx+00000310]
jmp returnhere

aobaddy:
memjump:
jmp returnhere
nop
nop
nop
nop

returnhere:


[DISABLE]
memjump:
dealloc(newmem)
mov ecx,[eax+78]
lea ecx,[ecx-01]
mov [eax+78],ecx //*
mov edx,[eax+08]
mov ecx,[edx+00000310]
unregistersymbol(memjump)


Freeze Bomb Timers (Starts at level 96, sometimes requires a slight pattern change):
Code:
[ENABLE]
alloc(newmem,2048)

label(memjump)
label(returnhere)

registersymbol(memjump)
aobscan(aobaddy,8B 8A C4 00 00 00 8D 49 FF 89 8A C4 00 00 00 8B 4D F0 89 0D 40 ?? ?? ?? ??)

newmem:
mov ecx,[edx+000000C4]
lea ecx,[ecx-01]
mov [edx+000000C4],ecx
mov ecx,[ebp-10]
mov [04E92840],ecx
jmp returnhere

aobaddy:
memjump:
jmp returnhere
nop
nop
nop
nop

returnhere:


[DISABLE]
memjump:
dealloc(newmem)
mov ecx,[edx+000000C4]
lea ecx,[ecx-01]
mov [edx+000000C4],ecx
mov ecx,[ebp-10]
mov [04E92840],ecx
unregistersymbol(memjump)


Freeze Chocolate Machines (NOTE: Still a bit BUGGY! Starts at level 156)
Code:
[ENABLE]
alloc(newmem,1024)
label(memjump)
label(returnhere)

registersymbol(memjump)
aobscan(aobaddy,8B 51 48 8D 52 FF 89 51 48 8B 51 48 83 FA FF)

newmem:
mov edx,[ecx+48]
lea edx,[edx-01]
mov [ecx+48],edx
mov edx,[ecx+48]
cmp edx,FF
jmp returnhere

aobaddy:
memjump:
jmp returnhere
nop
nop
nop
nop

returnhere:

[DISABLE]
memjump:
dealloc(newmem)
mov edx,[ecx+48]
lea edx,[edx-01]
mov [ecx+48],edx
mov edx,[ecx+48]
cmp edx,FF
unregistersymbol(memjump)


Another idea I had involved freezing timed levels (there's usually one per episode, typically near the end of each), but I eventually gave up on getting this one to work.
Besides, I found out you could just as easily modify the player's score to the minimum requirement and wait for the timer to expire in order to beat the level.
I also believe it's possible to fool the client into thinking it has infinite Crush lollipops, but I could be wrong and you get them so rarely (unless you pay for extras) that It's hardly worth the effort.

Flash hacker wrote:
Wondering if it possible to implement it into a trainer, and the VC redistributable so it will work even if user won't have it.

It may be possible with a little extra effort, but the only way I could see this working would be if you embedded them as a resource and somehow extracted them somewhere on the user's machine, editing the script as needed to point to the correct location.
Perhaps Dark Byte could shed a little more light on this subject, if you wish to create a new thread on it.
Back to top
View user's profile Send private message
DaSpamer
Grandmaster Cheater Supreme
Reputation: 52

Joined: 13 Sep 2011
Posts: 1578

PostPosted: Sun Apr 14, 2013 3:42 pm    Post subject: Reply with quote

Luckly I let my mom play that game in my fb account, she reached level 98.
Heres 2 simple scripts for unlimited moves.
first
Code:
[ENABLE]
//Tip: add address newmem1+3 to set the visual moves value
alloc(newmem1,2048)
label(returnhere)
label(originalcode)
label(exit)
label(restore1)
registersymbol(restore1)
registersymbol(newmem1)
aobscan(moves1,8B 4D CC E8 ?? ?? ?? ?? 8B 43 78 83 EC 0C 50)
newmem1:
originalcode:
mov [ebx+78],#10 //Sets the visual moves into 10, you may edit it.
mov eax,[ebx+78]
sub esp,0C

exit:
jmp returnhere

moves1+8:
restore1:
jmp newmem1
nop
returnhere:

 
[DISABLE]
dealloc(newmem1)
restore1:
mov eax,[ebx+78]
sub esp,0C
//Alt: db 8B 43 78 83 EC 0C
unregistersymbol(restore1)
unregistersymbol(newmem1)

second
Code:
[ENABLE]
//Tip: add address newmem2+3 to set the other moves value :)
alloc(newmem2,2048)
label(returnhere)
label(originalcode)
label(exit)
label(restore2)
registersymbol(restore2)
registersymbol(newmem2)
aobscan(moves2,8B 41 10 83 F8 00 0F 9E C0 0F B6 C0 8B 4D F0)
newmem2:
originalcode:
mov [ecx+10],#10
mov eax,[ecx+10]
cmp eax,00

exit:
jmp returnhere

moves2:
restore2:
jmp newmem2
nop
returnhere:

 
[DISABLE]
dealloc(newmem2)
restore2:
mov eax,[ecx+10]
cmp eax,00
//Alt: db 8B 41 10 83 F8 00
unregistersymbol(restore2)
unregistersymbol(newmem2)


Put the first script in auto assembler > File > Assign to current table
And then switch scripts and do the same, and then you can save it, and enable/disable whenever you want.
(Enable as soon as you enter a game.)

_________________
HEY Hitler
Do you get lazy when making trainers?
Well no more!
My CETrainer will generate it for you in seconds, so you won't get lazy! Very Happy

http://forum.cheatengine.org/viewtopic.php?t=564919
Back to top
View user's profile Send private message
Rectangle
Advanced Cheater
Reputation: 1

Joined: 23 Feb 2013
Posts: 73

PostPosted: Sun Apr 14, 2013 3:51 pm    Post subject: Reply with quote

Flash hacker wrote:
Put the first script in auto assembler > File > Assign to current table
And then switch scripts and do the same, and then you can save it, and enable/disable whenever you want.
(Enable as soon as you enter a game.)

Are you saying I should add both scripts, enable the first, then enable the second if the first one works?
Or do you mean enable and disable the first, then enable the second?

Flash hacker wrote:
I let my mom play that game in my fb account, she reached level 98

lol the funny thing here is my mom wouldn't stop sending me requests for the damn thing, even after I told her I wouldn't play it, and eventually caved in just so I could kick her butt in it. Without cheating, it only took me a few days. By then I was already hooked.
Back to top
View user's profile Send private message
DaSpamer
Grandmaster Cheater Supreme
Reputation: 52

Joined: 13 Sep 2011
Posts: 1578

PostPosted: Sun Apr 14, 2013 3:55 pm    Post subject: Reply with quote

Rectangle wrote:
Flash hacker wrote:
Put the first script in auto assembler > File > Assign to current table
And then switch scripts and do the same, and then you can save it, and enable/disable whenever you want.
(Enable as soon as you enter a game.)

Are you saying I should add both scripts, enable the first, then enable the second if the first one works?
Or do you mean enable and disable the first, then enable the second?

Flash hacker wrote:
I let my mom play that game in my fb account, she reached level 98

lol the funny thing here is my mom wouldn't stop sending me requests for the damn thing, even after I told her I wouldn't play it, and eventually caved in just so I could kick her butt in it. Without cheating, it only took me a few days. By then I was already hooked.

No no I meant,
Assign them both after Scripts entries.
Enable Both of them (Freeze them, or press on Active boxes).
And whenever you want to disable (turn off the cheat), just unfreeze/uncheck the Active boxes.

P.S
You can do it by your own by checking what accesses* the addresses

_________________
HEY Hitler
Do you get lazy when making trainers?
Well no more!
My CETrainer will generate it for you in seconds, so you won't get lazy! Very Happy

http://forum.cheatengine.org/viewtopic.php?t=564919
Back to top
View user's profile Send private message
Rectangle
Advanced Cheater
Reputation: 1

Joined: 23 Feb 2013
Posts: 73

PostPosted: Sun Apr 14, 2013 3:57 pm    Post subject: Reply with quote

Oh btw, if you'd like the source code for pws, I've uploaded it here:
www[dot]4shared.com/zip/aezm77Dl/pws_src[dot]html
Compiled using VS 2012. Maybe that could help you find a way to embed it into a trainer.
Back to top
View user's profile Send private message
DaSpamer
Grandmaster Cheater Supreme
Reputation: 52

Joined: 13 Sep 2011
Posts: 1578

PostPosted: Sun Apr 14, 2013 4:06 pm    Post subject: Reply with quote

That pws is very useful.
And will be VERY useful for Chrome!.
you can make attach to each chrome and chrome process and make it look for pepflashplayer.dll (string).
And if it returns anything then its the right process.

_________________
HEY Hitler
Do you get lazy when making trainers?
Well no more!
My CETrainer will generate it for you in seconds, so you won't get lazy! Very Happy

http://forum.cheatengine.org/viewtopic.php?t=564919
Back to top
View user's profile Send private message
mgr.inz.Player
I post too much
Reputation: 218

Joined: 07 Nov 2008
Posts: 4438
Location: W kraju nad Wisla. UTC+01:00

PostPosted: Sun Apr 14, 2013 4:11 pm    Post subject: Reply with quote

About PID list, and PPID (Parent PID). I made some time ago modified SFX lvl2. It creates txt file, inside extracted trainer folder X:\temp\cetrainers\CETEC.tmp\, this file contains all running processes, PIDs and PPIDs.

But I have to recreate this SFX lvl2 (standalonephase2.dat).

pros:
- simple txt file
- we can parse with simple string:sub

cons:
- it gather processes while launching trainer.

_________________


Last edited by mgr.inz.Player on Sun Apr 14, 2013 4:13 pm; edited 1 time in total
Back to top
View user's profile Send private message MSN Messenger
DaSpamer
Grandmaster Cheater Supreme
Reputation: 52

Joined: 13 Sep 2011
Posts: 1578

PostPosted: Sun Apr 14, 2013 4:12 pm    Post subject: Reply with quote

@cons:
It cannot gather processes while trainer working?

_________________
HEY Hitler
Do you get lazy when making trainers?
Well no more!
My CETrainer will generate it for you in seconds, so you won't get lazy! Very Happy

http://forum.cheatengine.org/viewtopic.php?t=564919


Last edited by DaSpamer on Sun Apr 14, 2013 4:20 pm; edited 2 times in total
Back to top
View user's profile Send private message
Display posts from previous:   
Post new topic   Reply to topic    Cheat Engine Forum Index -> Cheat Engine All times are GMT - 6 Hours
Goto page 1, 2, 3  Next
Page 1 of 3

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Powered by phpBB © 2001, 2005 phpBB Group

CE Wiki   IRC (#CEF)   Twitter
Third party websites